[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [OT] Has my e-mail account been hacked?

On Mon 12 Oct 2015 at 10:43:42 -0400, Stephen Powell wrote:

> About a week ago, I discovered hundreds of "mail delivery failure"
> messages in my inbox.  Investigation revealed that they were all for
> SPAM e-mails that I did not send.  I am guessing that this means one
> of two things:
> 
> (1) Someone discovered my password somehow, logged into my ISP
> account as me, and sent out a bunch of SPAM.

I tend to think passwords (except the very simplest or guessable ones)
are not "discovered" but handed over.

> Or
> 
> (2) Someone sent out a bunch of SPAM, spoofing my e-mail address
> as the sender, and the delivery failures came to me.
> 
> How can I tell which is the case, and if it's (2), is there anything
> I can do to defend myself against this sort of thing in the future?

Mails composed with Mutt which leave this machine have the not very
imaginative  header "X-Backscatter: 123456789" in them. If one of them
is rejected the bounce message usually has all the headers of the
original mail in its body. A bounce message  can be searched for the
presence or otherwise of the X- header and dealt with accordingly.

Maybe SpamAssassin in conjunction with Zimbra is worth a look.
Reply to: